From 027bcf9b43546063e62578858eee50ac278334f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= Date: Tue, 19 Jul 2022 13:33:48 +0200 Subject: nixos: rework openvpn --- flake.lock | 28 ++++++++++++++-------------- nixos/machine/binky.nix | 11 ++++------- nixos/machine/ridcully.nix | 3 +++ nixos/modules/openvpn.nix | 36 ++++++++++++++++++++++++++++-------- 4 files changed, 49 insertions(+), 29 deletions(-) diff --git a/flake.lock b/flake.lock index 0a39d06..b762311 100644 --- a/flake.lock +++ b/flake.lock @@ -16,11 +16,11 @@ }, "flake-utils_2": { "locked": { - "lastModified": 1656065134, - "narHash": "sha256-oc6E6ByIw3oJaIyc67maaFcnjYOz1mMcOtHxbEf9NwQ=", + "lastModified": 1656928814, + "narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=", "owner": "numtide", "repo": "flake-utils", - "rev": "bee6a7250dd1b01844a2de7e02e4df7d8a0a206c", + "rev": "7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249", "type": "github" }, "original": { @@ -44,11 +44,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1657649905, - "narHash": "sha256-gth8ki7Sme/DjUc/hXBHpn+cvQSx9oTLCXUjQbbrn3M=", + "lastModified": 1658150454, + "narHash": "sha256-dhyOQvRT8oYWN0SwsNyujohBsJqwF5W7fnhEcfgBk7E=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "09066922296d9ef06bfadb937b2560524dd10785", + "rev": "3110964916469ad6ed9fea72a0a3119a0959a14e", "type": "github" }, "original": { @@ -93,11 +93,11 @@ ] }, "locked": { - "lastModified": 1656748427, - "narHash": "sha256-n53tR4ZpKC3YBbLvFkTIxB0aJRl85YfFerJI3pKTnio=", + "lastModified": 1658079384, + "narHash": "sha256-olmeJLvuCEY+IU4jtnKVUM1sGwi70+zqlMrFHtnBNdE=", "ref": "refs/heads/master", - "rev": "e7e8404b2c04e7b361ff72d81d6273bd13d40800", - "revCount": 26, + "rev": "12747ad801b7f4cf90a1716db5547bb0fb3b72a0", + "revCount": 29, "type": "git", "url": "https://git.cynerd.cz/nixturris" }, 
@@ -108,11 +108,11 @@ }, "personal-secret": { "locked": { - "lastModified": 1655473825, - "narHash": "sha256-lG/h0oOCMToprLdm1hNB97rXGzIaoqqhWEEPXBexH64=", + "lastModified": 1658221229, + "narHash": "sha256-+dpsauDVyKt5wRo0jCD9vvEJL5TDdf7IabX3RQKbRjQ=", "ref": "refs/heads/master", - "rev": "988d0672e12f63b4e8ac95cadcf00e5986c0e7e3", - "revCount": 19, + "rev": "bbc74448642373618dedb1e9fa180720fab70cbf", + "revCount": 22, "type": "git", "url": "ssh://git@cynerd.cz/nixos-personal-secret" }, diff --git a/nixos/machine/binky.nix b/nixos/machine/binky.nix index c7e319a..7be8017 100644 --- a/nixos/machine/binky.nix +++ b/nixos/machine/binky.nix @@ -13,6 +13,10 @@ with lib; wifiClient = true; develop = true; gaming = true; + openvpn = { + oldpersonal = true; + elektroline = true; + }; }; boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage" "sd_mod"]; @@ -57,13 +61,6 @@ with lib; dataDir = "/home/cynerd"; configDir = "/home/cynerd/.config/syncthing"; }; - services.openvpn.servers.oldpersonal = { - config = "config /run/secrets/old.ovpn"; - }; - services.openvpn.servers.elektroline = { - config = "config /run/secrets/elektroline.ovpn"; - }; - }; diff --git a/nixos/machine/ridcully.nix b/nixos/machine/ridcully.nix index 7151878..30b8de1 100644 --- a/nixos/machine/ridcully.nix +++ b/nixos/machine/ridcully.nix @@ -9,6 +9,9 @@ with lib; desktop.enable = true; develop = true; gaming = true; + openvpn = { + elektroline = true; + }; }; boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage"]; diff --git a/nixos/modules/openvpn.nix b/nixos/modules/openvpn.nix index abcd1f0..d070cb2 100644 --- a/nixos/modules/openvpn.nix +++ b/nixos/modules/openvpn.nix 
@@ -9,18 +9,38 @@ let in { options = { - cynerd.openvpn.enable = mkOption { - type = types.bool; - default = false; - description = "My personal OpenVPN"; + cynerd.openvpn = { + personal = mkOption { + type = types.bool; + default = false; + description = "My personal OpenVPN"; + }; + oldpersonal = mkOption { + type = types.bool; + default = false; + description = "My personal old OpenVPN"; + }; + elektroline = mkOption { + type = types.bool; + default = false; + description = "Elektroline OpenVPN"; + }; }; }; - config = mkIf cnf.enable { - services.openvpn.servers.personal = { - config = "config /run/secrets/personal.ovpn"; + config = { + services.openvpn.servers = { + personal = mkIf cnf.personal { + config = "config /run/secrets/personal.ovpn"; + }; + oldpersonal = mkIf cnf.oldpersonal { + config = "config /run/secrets/old.ovpn"; + }; + elektroline = mkIf cnf.elektroline { + autoStart = false; + config = "config /run/secrets/elektroline.ovpn"; + }; }; }; } - -- cgit v1.2.3
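Review bot: The `elektroline` entry under `services.openvpn.servers` now sets `autoStart = false;`, while the definition this commit removes from nixos/machine/binky.nix left `autoStart` at the NixOS module default (true, as far as I know), so on binky that tunnel silently stops coming up at boot and neither the commit message nor the module says this is intended. If it is deliberate, a comment on that line would record it, e.g. `# started on demand, not at boot: systemctl start openvpn-elektroline`. Separately, `cynerd.openvpn.enable` is dropped without an alias, so any host outside this diff that still sets it will fail to evaluate; adding `(mkRenamedOptionModule ["cynerd" "openvpn" "enable"] ["cynerd" "openvpn" "personal"])` to the module's `imports` would keep old configurations working. The `let` that binds `cnf` sits above the hunk, so I am assuming it is `config.cynerd.openvpn`.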